CN108259431A - The method, apparatus and system of account information are shared between applying more - Google Patents

The method, apparatus and system of account information are shared between applying more Download PDF

Info

Publication number
CN108259431A
CN108259431A CN201611245085.5A CN201611245085A CN108259431A CN 108259431 A CN108259431 A CN 108259431A CN 201611245085 A CN201611245085 A CN 201611245085A CN 108259431 A CN108259431 A CN 108259431A
Authority
CN
China
Prior art keywords
user
application
server
information
code
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN201611245085.5A
Other languages
Chinese (zh)
Inventor
宋超
沈中华
谢建军
朱天祥
董亚伟
郭佩华
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Aisino Corp
Original Assignee
Aisino Corp
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Aisino Corp filed Critical Aisino Corp
Priority to CN201611245085.5A priority Critical patent/CN108259431A/en
Publication of CN108259431A publication Critical patent/CN108259431A/en
Pending legal-status Critical Current

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0815Network architectures or network communication protocols for network security for authentication of entities providing single-sign-on or federations
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/10Network architectures or network communication protocols for network security for controlling access to devices or network resources

Abstract

The present invention provides the method, apparatus and system that account information is shared between a kind of mostly application.Wherein, the method that account information is shared between more applying includes the following steps:Server receives the access request that user accesses application;It is described apply it is registered in advance in server;In server, pre-registered other application whether there is log-on message for lookup;If other application, there are log-on message, the application to the requests verification sends the operation information for allowing user's operation.The present invention unifies preservation management user information by server, the shared of user information is realized between applying more, it need to only be logged between applying primary more, the user information that logon operation directly transfers server is exempted from the access of follow-up other application, therefore this method is easy to operate, the time repeatedly logged between mostly application is not only reduced, and saves the memory of each application management user information.

Description

The method, apparatus and system of account information are shared between applying more
Technical field
The present invention relates to Internet technical field, in particular to it is a kind of apply more between share account information method, Apparatus and system.
Background technology
Increase as Information Technology Development causes to quote platform, and the account of each application have nothing in common with each other cause it is each should Manage independently maintenance with the user information to its each account, therefore same user logs in different application to waste repetition defeated Time of the access customer information and preservation of user information in the respective applications has occupied quantitative memory.
The account system of solution includes OAuth Certificate Authorities and application platform and Application share login state at present Method, proxy server and system etc..Wherein OAuth agreements are that some common accounts are added in user's table of application, It realizes and logs in;It is by sending logging request between application that application platform, which shares login status method, and the key logined successfully is returned Other application is returned to, application server rear end carries out simulation register.Both schemes can realize that user exempts to log in Operation, but have its corresponding deficiency.Wherein different application will distinguish managing user information in OAuth authentication authority methods, increase The expense of each application has been added still to need to input user information with the login for occupying its memory and different application;And it applies Platform is logged in Application share still to carry out in method, proxy server and the system of state using itself in application platform server Register still occupy using and application platform server memory.
Invention content
In consideration of it, the present invention proposes a kind of method, apparatus and system that account information is shared between more applying, it is intended to solve The prior art is both needed to login step when respective user information is managed in application independently and same user logs in different application and makes The problem of memory being wasted into trivial operations.
On one side, the method that the present invention proposes shared account information between a kind of mostly application, this method include following step Suddenly:Receiving step, server receive the access request that user accesses application;It is described apply it is registered in advance in server;It searches Step, search server pre-registered other application whether there is log-on message;Verification step, if other application is deposited In log-on message, then the application to the requests verification sends the operation information for allowing user's operation.
Further, in the method that account information is shared between above-mentioned mostly application, the finding step further comprises:It searches It whether there is log-on message in caching;If lookup obtains, it is determined that the user has logged in other application, and transfers the use The logging-in code at family;If do not find, it is determined that the user is not logged in other application;The logging-in code exists for the server Allow what the user generated when logging in pre-registered application.
Further, in the method that account information is shared between above-mentioned mostly application, if finding logon information, described in update The cache-time of user.
Further, it in the method that account information is shared between above-mentioned mostly application, in the determining step, is tested to the request The application of card, which is sent, allows the operation information of user's operation to include:The logging-in code of the user and according to the logging-in code inquire The user information arrived.
Further, it in the method that account information is shared between above-mentioned mostly application, is further included in the determining step:If its There is no log-on messages for his application, then the application to the requests verification sends authorization code, with the application with the requests verification Carry out verification of shaking hands;If verification of shaking hands passes through, the identity information input by user is received, identity is carried out to the user Verification;If user identity verification pass through, to the user generate logging-in code, and the logging-in code is cached and Application to the requests verification sends the operation information for allowing user's operation;If the user identity verification does not pass through, The information that need to be registered in the server is sent to the user.
Further, in the method that account information is shared between above-mentioned mostly application, the identity information input by user includes: User account and with the password after md5 encryption.
Further, it in the method that account information is shared between above-mentioned mostly application, further includes:Exit step receives the use Request is exited at family, empties the content caching, and return allow user exit exit information.
In the present embodiment, the requests verification that server is sent first according to application is confirmed whether to exist in server registration Application log in, if it is confirmed that other application has logged in, server directly transmits the essential information of user to accessing application, should should With the operation interface that the user is jumped to using user information.It is as can be seen that pre-registered in server in the present embodiment It is shared using log-on message is realized.Wherein, it is united between the pre-registered application of server and server by server The user information that one preservation management logs in, therefore save the memory applied for storing user information.In addition, in server Between pre-registered application, as long as after same user has one of application to log in, without again when user accesses other application Secondary login, can directly carry out the relevant operation of the user, institute it is easy to operate in this way and save a large amount of register and Time.
On the other hand, the invention also provides the device that account information is shared between a kind of mostly application, which includes receiving Module, for receiving the access request that user accesses application;It is described apply it is registered in advance in server;Searching module is used for In searching, in server, pre-registered other application whether there is log-on message;Module is confirmed, if for other application There are log-on message, then the application to the requests verification sends the operation information for allowing user's operation.
Further, in the device that account information is shared between above-mentioned mostly application, searching module further comprises:Search submodule Block whether there is log-on message for searching in caching;Determination sub-module, if obtained for searching, it is determined that the user Other application has been logged in, and has extracted the logging-in code of the user;If do not find, it is determined that the user is not logged in other should With;Logging-in code is generated for server when the user is allowed to log in the pre-registered any application of server.
Further, in the device that account information is shared between above-mentioned mostly application, determining module is additionally operable to:If other application There is no log-on message, then the application to requests verification sends authorization code, verification of shaking hands is carried out with the application with requests verification;Such as Fruit verification of shaking hands passes through, then receives the identity information input by user, and proof of identity is carried out to the user;If the use Family proof of identity passes through, then generates logging-in code to the user, and logging-in code is cached and the application to requests verification Sending allows the operation information of user's operation;If user identity verification does not pass through, being sent to the user need to be in server The information registered.
Further, in the device that account information is shared between above-mentioned mostly application, identity information input by user includes:User Account and with the password after md5 encryption.
Further, in the device that account information is shared between above-mentioned mostly application, which further includes:Module is exited, is used for Receive the user exits request, empties caching and the identity information of the user, and returns to what the permission user exited Exit information.
Another aspect, the invention also provides the system that account information is shared between a kind of mostly application, which includes:Service Device and in the pre-registered multiple applications of server;Wherein, it using for receiving user access request, and sends the requests to Server carries out the subscriber authentication;Server is searched registered in server for receiving the access request Other application with the presence or absence of log-on message and in other application there are during log-on message, send out by the application to the requests verification Sending allows the operation information of user's operation;The application of requests verification receives log-on message, and allows to apply and jump to the user Operation interface.
Further, in the system that account information is shared between above-mentioned mostly application, server is additionally operable to:Search caching in whether There are log-on messages;If lookup obtains, it is determined that the user has logged in other application, and extracts the login of the user Code;If do not find, it is determined that the user is not logged in other application;Logging-in code is allowing the user to log in for server It has been generated in the pre-registered any application of server.
Further, in the system that account information is shared between above-mentioned mostly application, server is additionally operable to:It is logged in if found Information updates the cache-time of the user.
Further, in the system that account information is shared between above-mentioned mostly application, server is additionally operable to:If the use Family has logged in other application, then the operation information of permission user's operation that the application to the requests verification is sent includes:It is described The logging-in code of the user and the user information inquired according to the logging-in code.
Further, in the system that account information is shared between above-mentioned mostly application, the server is additionally operable to:If other should With there is no log-on message, then the application to the requests verification is sent authorization code, is carried out with the application with the requests verification It shakes hands verification;The application for sending requests verification is additionally operable to when verification of shaking hands passes through, and receives the identity input by user Information, and the identity information is sent to server;The server is additionally operable to:The identity information is received, and to described User carry out proof of identity, if user identity verification pass through, to the user generate logging-in code, and by the logging-in code into Row caching and the operation information for allowing user's operation using transmission to requests verification;If user identity verification does not pass through, The information that need to be registered in the server is then sent to the user.
Description of the drawings
By reading the detailed description of hereafter preferred embodiment, it is various other the advantages of and benefit it is common for this field Technical staff will become clear.Attached drawing is only used for showing the purpose of preferred embodiment, and is not considered as to the present invention Limitation.And throughout the drawings, the same reference numbers will be used to refer to the same parts.In the accompanying drawings:
Fig. 1 is the flow diagram for the method that account information is shared between more being applied in the embodiment of the present invention;
Fig. 2 is the flow diagram of finding step in the embodiment of the present invention;
Fig. 3 is the flow diagram of verification step in the embodiment of the present invention;
Fig. 4 is the another flow diagram for the method that account information is shared between more being applied in the embodiment of the present invention;
Fig. 5 is the structure diagram for the device that account information is shared between more being applied in the embodiment of the present invention;
Fig. 6 is the structure diagram for the system that account information is shared between more being applied in the embodiment of the present invention;
Fig. 7 is the work flow diagram for the system that account information is shared between more being applied in the embodiment of the present invention;
Fig. 8 is the another work flow diagram for the system that account information is shared between more being applied in the embodiment of the present invention.
Specific embodiment
The exemplary embodiment of the disclosure is more fully described below with reference to accompanying drawings.Although the disclosure is shown in attached drawing Exemplary embodiment, it being understood, however, that may be realized in various forms the disclosure without should be by embodiments set forth here It is limited.On the contrary, these embodiments are provided to facilitate a more thoroughly understanding of the present invention, and can be by the scope of the present disclosure Completely it is communicated to those skilled in the art.It should be noted that in the absence of conflict, embodiment in the present invention and Feature in embodiment can be combined with each other.The present invention will be described in detail below with reference to the accompanying drawings and in conjunction with the embodiments.
Sharing method embodiment:
Referring to Fig. 1, Fig. 1 shares the flow chart of the method for account information between mostly application provided in an embodiment of the present invention.Such as Shown in figure, this method comprises the following steps:
Receiving step S1, server receive the access request that user accesses application.
Specifically, this is applied, application registered in advance in server by application management person before user accesses application Registration can be registered by the application interface of opening that invoking server provides, using sending application title, application identities (identifiers, abbreviation ID) and active user ID, server preserves the application message that application is sent, and default setting should User is application management person.Administrator can check all applications in workbench, modify to application deletion and information The operations such as maintenance.Each application acquiescence is there are one administrator, and administrator can be changed using lower all user informations, including moving It hands over administrator, enable disabling user etc..In addition, server further includes application management and the individual workbench page, each application is protected An administrator is stayed, administrator, including transferring administrator, can be invited user's registration, enabled, disabling user with managing staff information Deng, and server administrators can manage application message, be applied including binding, delete application etc..Be intended to access as user in application, Using Ajax (Asynchronous JavaScript And XML, asynchronous JavaScript and XML) technology access can be passed through JSONP (JSON with Padding) form may be used in server, the data format of access request, carries out across Session (session) accesses.The access request that wherein server receives can include the session identification (Session of application Identifiers, referred to as Session ID), and Session ID are logged in for user in application, the ID of utility cession generation.
Finding step S2, search server pre-registered other application whether there is log-on message.
For example, it is registered in the server, and between each other using 1, using 2, using 3, using 4 and using 5 It can carry out exempting to log in shared.If the access request for receiving the user using 1, server can search correlation in the buffer Information, to determine that the user is applying 2, whether logged in using 3, using 4 and application one or more of 5 at this time.It needs Illustrate, this method acquiescence only allows a user to log in simultaneously using 1, using 2, using 3, using 4 and using 5, and Only there are one accounts by each user.Therefore, when searching in the buffer, as long as being meant that in caching there are content, i.e. log-on message The user logged in using 2, using 3, using 4 and apply one or more of 5.
Verification step S3, if there are log-on messages for other application, the application to requests verification, which is sent, allows user to grasp The operation information of work.
Specifically, if it is confirmed that there are log-on messages in the pre-registered one or more application of server, that is to say, that The user for sending access request to application 1 at this time has logged in other application, then server by utilizing logs in code and searches number According to the user basic information preserved in library, and send logging-in code and the user information that inquires to requests verification application, The application of the requests verification jumps to the operation interface of the user using the user information of reception, and the application to requests verification is sent Allow the information of the user's operation, which can include the logging-in code of user and believe according to the user that logging-in code inquires Breath.After the application 1 of transmission requests verification receives operation information, do not need to the user and input log-on message, directly allow the use Family accesses operation.
If for example, whois lookup to application 2, using 3, using existing in any one or more on 4 and application 5 Log-on message then searches the logging-in code and identity information of the user, and the logging-in code and identity information is sent to using 1, leads to Know being verified using 1 user, the user is allowed directly to carry out related access operation in application 1.
Compared with prior art, in the present embodiment, the requests verification that server is sent first according to application is confirmed whether to deposit It is logged in the application in server registration, if it is confirmed that other application has logged in, server directly transmits the basic letter of user Breath jumps to the operation interface of the user using user information to application, the application is accessed.As can be seen that exist in the present embodiment The pre-registered application of server realizes log-on message and shares.Wherein, in the pre-registered application of server and server Between the user information that preservation management logs in unified, therefore save using for storing the interior of user information by server It deposits.In addition, between the application of server registration, as long as user logs in one of application, subsequent user accesses other should Used time need not log on, and can directly carry out the relevant operation of the user, institute is easy to operate in this way and saves a large amount of Register and time.
Referring to Fig. 2, Fig. 2 is the flow chart of finding step in the embodiment of the present invention.As shown in the figure, above-mentioned finding step S2 is also It can include following sub-step:
Sub-step S21:Search whether that there are log-on messages in the buffer.
Specifically, server is received using after the access request sent, and server is searched in server buffer first With the presence or absence of log-on message, which includes logging-in code, user is being allowed to first log into for server wherein logging in code The unique ID generated during pre-registered application logs in identity as user.When it is implemented, log-on message can be with Including Session ID etc..
Sub-step S22:If lookup obtains, it is determined that the user has logged in other application, and transfers the login of the user Code.If do not find, it is determined that the user is not logged in other application.
Specifically, log-on message is obtained if searched in caching, confirms that user has logged in its that register in the server He applies, and transfers the user in caching and log in code.It should be noted that the user is first logged into server registration It is any in application, server will be the user generate a logging-in code, can be by the logging-in code calling and obtaining user information, when this When user logs in the other application of server registration, server still extracts user information using the logging-in code.If in caching It searches less than log-on message, then confirms that user is not logged in any one pre-registered application in server, server will be at random The authorization code for the character string that one length of generation is 18.
If for example, whois lookup to the user application 2, using 3, using any one or more on 4 and application 5 On logged in, then search the logging-in code of the user, and the identity information of the user is transferred according to logging-in code, and by the logging-in code and The identity information transferred is sent to using 1, has passed through the checking request using 1, the user is allowed directly to access using 1.Wherein, Logging-in code is that server is automatically generated for the user when user logs in application for the first time, is one by one between logging-in code and user Corresponding relationship, if for example, the application of first login of the user is using 2, in server when the user is logged in using 2 Can be that the user generates a logging-in code, after the user log in reference 3, using 4, using 5 and application 1 when, Use the logging-in code.
Search user login information in the present embodiment by way of logging-in code in the buffer, it is simple and practicable.
Further, in above-described embodiment, if finding log-on message, server sends the essential information of the user The cache-time of the user is updated simultaneously.
Specifically, log in for the first time registered in user in application, that is, being stepped on from server for user generation Record code starts, and the cache-time of the logging-in code and user information can be defaulted as four hours by server, more than four hours, delays Middle content failure is deposited, that is, content is reset in caching, and subsequent access is in server registration in application, need to re-enter user Identity information log in again.
In the present embodiment, user's base when time of server buffer information defines to prevent the user to be not logged in for a long time This information leaks, while after cache contents clearing, other users has been allowed to input in the application of server registration in advance and used Family information is logged in.
Referring to Fig. 3, Fig. 3 is the flow chart of verification step S3 in above-described embodiment.As shown in the figure, in above-described embodiment, really Determine step S3 and include following sub-step:
Step S31:If other application be not present log-on message, to requests verification application send authorization code, with The application of requests verification carries out verification of shaking hands.If user is not logged in any one in the application of server registration, clothes Device be engaged in then to the authorization code of access request application transmission generation, which carries out handshake authentication with the authorization code and server.It awards Message Digest 5 (Message Digest Algorithm MD5, abbreviation MD5) encryption may be used in weighted code.
Step S32:If verification of shaking hands passes through, identity information input by user is received, proof of identity is carried out to user. If server receives the authorization code that the authorization code that application is sent is sent with server and compared, two authorization codes are identical Words, then verification of shaking hands pass through.If verification of shaking hands passes through, server is sent to using by identity information input by user, is serviced The identity information of reception is compared with the user information inputted during the user's registration preserved in database for device, with to user into Row proof of identity.It can include identity information input by user and Session ID using the user information of transmission.
Step S33:If user identity verification passes through, logging-in code is generated, and logging-in code is cached to user, with And the application to requests verification sends the operation information for allowing user's operation;If user identity verification does not pass through, to user Transmission need to be in the information that server is registered.
Specifically, if the identity information of server reception is consistent with the identity information preserved in database, user's body Part verification passes through, and server will generate this login and uniquely log in code and using Session ID as key (Key), to log in Code is cached using REDIS as value (value) and updates the data the code that logs in library logs in code for this generation, together When to application send the logging-in code of user and the user information that is inquired in the database according to logging-in code;If server connects The identity information preserved in the identity information and database of receipts is inconsistent, then user identity verification does not pass through, and server is to user Transmission enrollment page need to will occur in the information that server is registered, server.User inputs the cell-phone number of user, server Short message verification code will be sent, which is 60 seconds, and the term of validity is half an hour to avoid malicious registration.After being verified User inputs user basic information and is registered, server by using this generate it is random log in code as Key, believed substantially with user It ceases and is preserved in the database for Value, while server sends the operation information of permission user's operation to the application, and then applies Jump to the operation interface under the user.It should be noted that server, which can be transmitted, needs the page registered to the application, user It can directly be registered in application, using the enrollment page that server offer can be used directly, can also develop and be suitble to itself style The page, the registration interface for directly invoking server are registered.
In the present embodiment, not only the use of authorization code further improves the safety of system and prevents that outer have should in server Intrusion, and the offer of enrollment page can prevent the unregistered user directly logged in from repeatedly accessing the numerous of server and application It is trivial.In addition, reduce the access time for logging in code in a manner that caching logs in code in the present embodiment, improve the visit of system Ask efficiency.
In above-described embodiment, identity information input by user includes:User account and with the password after md5 encryption.This reality It applies in example, the use of md5 encryption algorithm further improves the safety of system.
Referring to Fig. 4, Fig. 4 is the another flow chart that account information is shared between more being applied in above-described embodiment.On as shown in the figure, It states in embodiment, this method can also include:Exit step S4, receive user exits request, empties cache contents, and return What permission user exited exits information.The interface that exits that user exits invoking server offer realizes that server receives user Request and User ID are exited, server carries out exiting operation, and empties cache contents and include Session ID of caching, log in Code and cache-time, that is, cache contents are reset, and be then back to that the user exits exits information.
In the present embodiment, the setting of user's exit step can further protect the user information of user, prevent from leaking, Simultaneously after cache contents clearing, other users is allowed to log in the application of server registration in advance.
In conclusion in the present embodiment, server is confirmed whether to exist according to the requests verification of application transmission first to have existed The application of server registration logs in, if it is confirmed that other application has logged in, the essential information that server directly transmits user is extremely visited Ask application, which jumps to the operation interface of the user using user information.As can be seen that in server in the present embodiment Pre-registered application realizes log-on message and shares.Wherein, in the pre-registered application of server with leading between server It crosses server and unifies the user information of preservation management login, therefore save the memory applied for storing user information.In addition, Between the application of server registration, as long as after thering is one of application to log in, without again when user accesses other application It logs in, can directly carry out the relevant operation of logged-in user, institute is easy to operate in this way and saves a large amount of register And the time.
Sharing means embodiment:
Referring to Fig. 5, Fig. 5 shares the structure diagram of the device of account information between mostly application provided in an embodiment of the present invention. As shown in the figure, the device includes:Receiving module 100, searching module 200 and confirmation module 300.Wherein, receiving module 100 is used for Receive the access request that user accesses application;It applies registered in advance in server;Searching module 200 is for lookup in server Pre-registered other application whether there is log-on message;If confirm module 300 for other application there are log-on message, Then the application to requests verification sends the operation information for allowing user's operation.
Further, searching module 200 includes:Search submodule and determination sub-module.Wherein, submodule is searched to be used for Search whether that there are log-on messages in caching;If determination sub-module is obtained in lookup, it is determined that user has logged in other application, And extract the logging-in code of user;If do not find, it is determined that user is not logged in other application;Logging-in code is allowing for server User logs in what is generated in the pre-registered any application of server.
Further, determining module 300 is additionally operable to other application there is no log-on message, then to the application of requests verification Authorization code is sent, verification of shaking hands is carried out with the application with requests verification;If verification of shaking hands passes through, body input by user is received Part information carries out proof of identity to user;If user identity verification passes through, logging-in code is generated, and by logging-in code to user It is cached and the application to requests verification sends the operation information for allowing user's operation;If user identity verification is not led to It crosses, then being sent to user need to be in the information that server is registered.
In above-described embodiment, identity information input by user includes user account and with the password after md5 encryption.
In above-described embodiment, which can also include:Exit module.Exiting module please for receiving exiting for user Ask, empty the identity information for stating caching and user, and return allow user exit exit information.
Wherein, the specific implementation process of receiving module 100, receiving module 200 and confirmation module 300 is referring to above method reality Example is applied, details are not described herein for the present embodiment.
Since sharing method embodiment has said effect, so the sharing means embodiment also has corresponding technology effect Fruit.
Shared system embodiment:
Referring to Fig. 6, Fig. 6 shares the structure diagram of the system of account information between mostly application provided in an embodiment of the present invention. As shown in the figure, the device includes server 400 and multiple applies 500 server is pre-registered.Wherein, it is used using 500 In the access request of reception user, and send the requests to server and carry out subscriber authentication;Server 400 is visited for receiving It asks request, and searches in the registered other application of server with the presence or absence of log-on message and in other application in the presence of login During information, the application to requests verification sends the operation information for allowing user's operation;The application of requests verification receives operation record letter Breath, and allow, using user interface is jumped to, user to be allowed to access.
For example, it is assumed that it is multiple include using 1 in the pre-registered application 500 of server, using 2, using 3, using 4 and should With 5, the application accessed at present is using 1, and the access request of user is received, and be sent to server 400 to be used using 1 The authentication at family.After server 400 receives the authentication sent using 1, and search in the buffer using 2, using 3, Whether logged in using 4 and using 5.If it is logged in using 2, using 3, using one or more in 4 and application 5, server 400 send the operation information for allowing user's operation to application 1, and the operation interface for then jumping to the user's operation using 1 allows User accesses.
In the present embodiment, the requests verification that server is sent first according to application is confirmed whether to exist in server registration Application log in, if it is confirmed that other application has logged in, server directly transmits the essential information of user to accessing application, should should With the operation interface that the user is jumped to using user information.It is as can be seen that pre-registered in server in the present embodiment It is shared using log-on message is realized.Wherein, it is united between the pre-registered application of server and server by server The user information that one preservation management logs in, therefore save the memory applied for storing user information.In addition, in server Between the application of registration, as long as after having one of application to log in, user need not log on when accessing other application, can be direct The relevant operation of the user is carried out, institute is easy to operate in this way and saves a large amount of register and time.
In above-described embodiment, server 400 is additionally operable to search with the presence or absence of log-on message in caching, is obtained if searched, Then determine that user has logged in other application, and extract the logging-in code of user;If do not find, it is determined that user is not logged in other Using;Logging-in code is generated for server when user is allowed to log in the pre-registered any application of server.
When it is implemented, whether server 400 is additionally operable to judge to apply when logging in search log-on message in the buffer, if Lookup obtains log-on message, then illustrates to have logged in using 2, logged in using 3, using 4 and using one or more of 5, taken Business device 400 then extract user log in generated in the pre-registered any application of server log in code and user information;Such as Fruit does not find log-on message, then illustrates that the user is applying 2, is being not logged in using 3, using 4 and application 5.If it does not search To user information, server 400 then generates authorization code at random and updates the cache-time of user.
In above-described embodiment, if server 400, which is additionally operable to user, has logged in other application, the application to requests verification The operation information of the permission user's operation of transmission includes:The logging-in code of user and the user information inquired according to logging-in code.
In above-described embodiment, if server 400 be additionally operable to user's other application there is no log-on message when, to request The application of verification sends authorization code, and verification of shaking hands is carried out with the application with requests verification;The application for sending requests verification is additionally operable to When verification of shaking hands passes through, identity information input by user is received, and identity information is sent to server;Server is additionally operable to Identity information is received, and proof of identity is carried out to user, if user identity verification passes through, logging-in code is generated to user, and Logging-in code is cached and the application to requests verification sends the operation information for allowing user's operation;If user identity Verification does not pass through, then being sent to user need to be in the information that server is registered.
If for example, do not find user information i.e. user application 2, using 3, using being not logged on 4 and application 5, Then server 400 one authorization code of generation will be sent to using 1 at random, using 1 by the authorization code of reception and server 400 into Row handshake authentication.If handshake authentication passes through, it will receive identity information input by user using 1 and it be sent to server 400, the identity information of the user's registration of the identity information of reception with being preserved in database is compared server 400, with Proof of identity is carried out to the user.If the identity information that server 400 receives is consistent with the identity information preserved in database, Then user identity verification passes through, and server 400, which generates, uniquely to be logged in code and will log in code caching, while server 400 will The operation information of user's operation is allowed to be sent to using 1;If user identity verification does not pass through, sent out to user if server 400 Sending need to be in the information that server is registered.The specific register method of user is referring to above method embodiment, the present embodiment Details are not described herein.
The system for sharing account information between mostly application provided in an embodiment of the present invention below in conjunction with Fig. 7 and Fig. 8 carries out Illustrate in more detail:
It assumes initially that using 1, using 2, using 3, using 4 and application 5 in advance in server registration.Current family is intended to visit It asks and applies 1, the access request for obtaining user using 1 is simultaneously carried out using JSONP data formats across Session using Ajax technologies It accesses and access request and Session ID is sent to server.Server will accept the interview solicited message, and search in caching With the presence or absence of log-on message, with determine whether the user has logged in using 2, using 3, using 4 or using 5.If in caching Lookup obtains log-on message, then confirms that the user has logged in and answered using 2, using 3, using 4 and application one or more of 5 With the code that logs in of the user transferred during REDIS is cached is extracted user information by server according to the logging-in code.Then it takes Logging-in code and user information are sent to using JSON data formats using 1, using 1 by business device by HTTP Poet technology accesses The relevant operation interface of the user is jumped to using the content of reception.If searched in caching less than log-on message, confirming should User is not logged in using 2, using 3, using being not logged in any one application either four hours in 4 and application 5, simultaneously Server generates the authorization code of 18 character string at random.Server uses authorization code by HTTP Poet technology accesses JSON data formats are sent to using 1.Carry out handshake authentication using authorization code and server using 1, handshake authentication by it is rear then User inputs the identity information of user in application login interface, which includes user account and password, is taken using utilizing The password of input is sent to server by the user password encryption interface of business device, and server is by the identity information and database of input The identity information of middle preservation carries out proof of identity.If the identity information of input is consistent with the identity information in database, body Part verification passes through, and server will generate this login and uniquely log in code and using Session ID as secret key (Key), to log in Code is cached using REDIS as value (value) and updates the data the code that logs in library logs in code for this generation, together When logging-in code to 1 transmission user of the application and user information that is inquired in the database according to logging-in code.If server The identity information preserved in the identity information and database of reception is inconsistent, then user identity verification do not pass through, server to Family, which is sent, enrollment page will occurs in the information that server is registered, server.User inputs the cell-phone number of user, service Device will send short message verification code at random by short message interface, the verification code interval be 60 seconds, the term of validity for half an hour to avoid Malicious registration.Be verified rear user and input user basic information and registered, server will generate one it is random log in code, Server logs in code as Key using this simultaneously, is preserved in the database using user basic information as Value, while server is sent The operation information of user's operation is allowed using 1 and then to jump to the operation interface under the user to using 1.
In the present embodiment, the requests verification that server is sent first according to application is confirmed whether to exist in server registration Application log in, if it is confirmed that other application has logged in, server directly transmits the essential information of user to accessing application, should should With the operation interface that the user is jumped to using user information.It is as can be seen that pre-registered in server in the present embodiment It is shared using log-on message is realized.Wherein, it is united between the pre-registered application of server and server by server The user information that one preservation management logs in, therefore save the memory applied for storing user information.In addition, in server Between the application of registration, as long as after having one of application to log in, user need not log on when accessing other application, can be direct The relevant operation of the user is carried out, institute is easy to operate in this way and saves a large amount of register and time.
It should be noted that by this present embodiment sharing method, sharing means and shared system principle it is identical, it is related Part can be cross-referenced.
Obviously, various changes and modifications can be made to the invention without departing from essence of the invention by those skilled in the art God and range.In this way, if these modifications and changes of the present invention belongs to the range of the claims in the present invention and its equivalent technologies Within, then the present invention is also intended to include these modifications and variations.

Claims (17)

1. the method for account information is shared between a kind of mostly application, which is characterized in that include the following steps:
Receiving step, server receive the access request that user accesses application;It is described apply it is registered in advance in server;
Finding step, search server pre-registered other application whether there is log-on message;
Verification step, if there are log-on messages for other application, the application to the requests verification, which is sent, allows user's operation Operation information.
2. it is according to claim 1 apply between share account information method, which is characterized in that the finding step into One step includes:
It searches and whether there is log-on message in caching;
If lookup obtains, it is determined that the user has logged in other application, and transfers the logging-in code of the user;If it does not look into It finds, it is determined that the user is not logged in other application;The logging-in code is allowing the user to log in for the server It is generated during pre-registered application.
3. the method for account information is shared between mostly application according to claim 2, which is characterized in that if finding login Information updates the cache-time of the user.
4. the method for account information is shared between mostly application according to claim 2, which is characterized in that the determining step In, the application to the requests verification, which is sent, allows the operation information of user's operation to include:
The logging-in code of the user and the user information inquired according to the logging-in code.
5. the method for account information is shared between mostly application according to claim 2, which is characterized in that in the determining step It further includes:
If other application be not present log-on message, to the requests verification application send authorization code, with the request The application of verification carries out verification of shaking hands;
If verification of shaking hands passes through, the identity information input by user is received, proof of identity is carried out to the user;
If the user identity verification passes through, logging-in code is generated, and the logging-in code is cached to the user, with And the application to requests verification sends the operation information for allowing user's operation;If user identity verification does not pass through, to described User sends the information that need to be registered in the server.
6. the method for account information is shared between mostly application according to claim 5, which is characterized in that described input by user Identity information includes:User account and with the password after md5 encryption.
7. the method for account information is shared between mostly application according to any one of claim 1 to 6, which is characterized in that also Including:
Exit step, receive the user exits request, empties the cache contents, and returns to what the permission user exited Exit information.
8. the device of account information is shared between a kind of mostly application, which is characterized in that including:
Receiving module, for receiving the access request that user accesses application;It is described apply it is registered in advance in server;
Searching module, for searching, in server, pre-registered other application whether there is log-on message;
Confirm module, if there are log-on messages for other application, the application to the requests verification, which is sent, allows user The operation information of operation.
9. it is according to claim 8 apply between share account information device, which is characterized in that the searching module into One step includes:
Submodule is searched, whether there is log-on message in caching for searching;
Determination sub-module, if obtained for searching, it is determined that the user has logged in other application, and extracts the user's Logging-in code;If do not find, it is determined that the user is not logged in other application;The logging-in code is allowing for the server The user logs in what is generated in the pre-registered any application of server.
10. the device of account information is shared between mostly application according to claim 9, which is characterized in that the determining module It is additionally operable to:
If other application be not present log-on message, to the requests verification application send authorization code, with the request The application of verification carries out verification of shaking hands;
If verification of shaking hands passes through, the identity information input by user is received, proof of identity is carried out to the user;
If the user identity verification passes through, logging-in code is generated, and the logging-in code is cached to the user, with And the application to requests verification sends the operation information for allowing user's operation;If user identity verification does not pass through, to described User sends the information that need to be registered in the server.
11. the device of account information is shared between mostly application according to claim 10, which is characterized in that user's input Identity information include:User account and with the password after md5 encryption.
12. the device of account information is shared between the mostly application according to any one of claim 8 to 11, which is characterized in that It further includes:
Module is exited, request is exited for receive the user, empties the caching and the identity information of user, and return and permit What perhaps described user exited exits information.
13. the system of account information is shared between a kind of mostly application, which is characterized in that including:Server and in the server Pre-registered multiple applications;Wherein,
The application is used to receive the access request of user, and the access request is sent to the server and carries out user's body Part verification;
The server is searched in the registered other application of server for receiving the access request with the presence or absence of login Information and in other application there are during log-on message, the application to the requests verification sends the operation for allowing user's operation Information;
The application of the requests verification receives the operation information, and the application is allowed to jump to the user interface.
14. the system of account information is shared between mostly application according to claim 13, which is characterized in that the server is also For:
It searches and whether there is log-on message in caching;
If lookup obtains, it is determined that the user has logged in other application, and extracts the logging-in code of the user;If it does not look into It finds, it is determined that the user is not logged in other application;The logging-in code is allowing the user to log in for the server It is generated in the pre-registered any application of server.
15. the system of account information is shared between mostly application according to claim 14, which is characterized in that the server is also For:If finding logon information, the cache-time of the user is updated.
16. the system of account information is shared between mostly application according to claim 14, which is characterized in that the server is also For:If the user has logged in other application, to the behaviour of the permission user's operation of the application transmission of the requests verification Include as information:The logging-in code of the user and the user information inquired according to the logging-in code.
17. the system of account information is shared between mostly application according to claim 14, which is characterized in that
The server is additionally operable to:If log-on message is not present in other application, awarded to the requests verification using transmission Weighted code carries out verification of shaking hands with the application with the requests verification;
The application for sending requests verification is additionally operable to when verification of shaking hands passes through, and receives the identity information input by user, And the identity information is sent to server;
The server is additionally operable to:The identity information is received, and proof of identity is carried out to the user, if user identity school It tests and passes through, then logging-in code is generated to the user, and the logging-in code is cached and to requests verification using transmission Allow the operation information of user's operation;If user identity verification does not pass through, being sent to the user need to be in the server The information registered.
CN201611245085.5A 2016-12-29 2016-12-29 The method, apparatus and system of account information are shared between applying more Pending CN108259431A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201611245085.5A CN108259431A (en) 2016-12-29 2016-12-29 The method, apparatus and system of account information are shared between applying more

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201611245085.5A CN108259431A (en) 2016-12-29 2016-12-29 The method, apparatus and system of account information are shared between applying more

Publications (1)

Publication Number Publication Date
CN108259431A true CN108259431A (en) 2018-07-06

Family

ID=62719884

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201611245085.5A Pending CN108259431A (en) 2016-12-29 2016-12-29 The method, apparatus and system of account information are shared between applying more

Country Status (1)

Country Link
CN (1) CN108259431A (en)

Cited By (10)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN109120597A (en) * 2018-07-18 2019-01-01 阿里巴巴集团控股有限公司 Proof of identity, login method, device and computer equipment
CN109858905A (en) * 2018-12-21 2019-06-07 航天信息软件技术有限公司 The electronic certificate processing method and processing device of cross-system
CN110069919A (en) * 2019-04-25 2019-07-30 上海连尚网络科技有限公司 Information acquisition method and device
CN110213445A (en) * 2019-06-03 2019-09-06 四川长虹电器股份有限公司 Login system and method are exempted from a kind of iOS application
CN110310118A (en) * 2019-06-28 2019-10-08 百度在线网络技术(北京)有限公司 User information verification method, device, equipment and medium based on block chain
CN110995661A (en) * 2019-11-12 2020-04-10 广州大白互联网科技有限公司 Network card platform
CN111176678A (en) * 2019-12-19 2020-05-19 深圳市航天泰瑞捷电子有限公司 Software controlled automatic updating method and device
CN111614641A (en) * 2020-05-11 2020-09-01 北京电信易通信息技术股份有限公司 Cloud account management system and application method
CN112243007A (en) * 2020-10-15 2021-01-19 广东科徕尼智能科技有限公司 Single-user login method, equipment and storage medium
US20220124096A1 (en) * 2020-02-17 2022-04-21 Beijing Baidu Netcom Science Technology Co., Ltd. Authorization method and non-transitory computer-readable storage medium

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN103501344A (en) * 2013-10-10 2014-01-08 从兴技术有限公司 Method and system for realizing single sign-on of plurality of applications
US20140282975A1 (en) * 2013-03-15 2014-09-18 Veracode, Inc. Systems and methods for automated detection of login sequence for web form-based authentication
CN104601590A (en) * 2015-01-30 2015-05-06 网易(杭州)网络有限公司 Login method, server and mobile terminal
CN105072133A (en) * 2015-08-28 2015-11-18 北京金山安全软件有限公司 Login method and device for application program
CN105450637A (en) * 2015-11-09 2016-03-30 歌尔声学股份有限公司 Single sign-on method and device for multiple application systems

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20140282975A1 (en) * 2013-03-15 2014-09-18 Veracode, Inc. Systems and methods for automated detection of login sequence for web form-based authentication
CN103501344A (en) * 2013-10-10 2014-01-08 从兴技术有限公司 Method and system for realizing single sign-on of plurality of applications
CN104601590A (en) * 2015-01-30 2015-05-06 网易(杭州)网络有限公司 Login method, server and mobile terminal
CN105072133A (en) * 2015-08-28 2015-11-18 北京金山安全软件有限公司 Login method and device for application program
CN105450637A (en) * 2015-11-09 2016-03-30 歌尔声学股份有限公司 Single sign-on method and device for multiple application systems

Cited By (16)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN109120597B (en) * 2018-07-18 2020-09-01 阿里巴巴集团控股有限公司 Identity verification and login method and device and computer equipment
CN109120597A (en) * 2018-07-18 2019-01-01 阿里巴巴集团控股有限公司 Proof of identity, login method, device and computer equipment
US11190527B2 (en) 2018-07-18 2021-11-30 Advanced New Technologies Co., Ltd. Identity verification and login methods, apparatuses, and computer devices
CN109858905A (en) * 2018-12-21 2019-06-07 航天信息软件技术有限公司 The electronic certificate processing method and processing device of cross-system
CN109858905B (en) * 2018-12-21 2023-04-25 航天信息软件技术有限公司 Cross-system electronic certificate processing method and device
CN110069919A (en) * 2019-04-25 2019-07-30 上海连尚网络科技有限公司 Information acquisition method and device
CN110069919B (en) * 2019-04-25 2021-08-24 上海连尚网络科技有限公司 Information acquisition method and device
CN110213445A (en) * 2019-06-03 2019-09-06 四川长虹电器股份有限公司 Login system and method are exempted from a kind of iOS application
CN110310118A (en) * 2019-06-28 2019-10-08 百度在线网络技术(北京)有限公司 User information verification method, device, equipment and medium based on block chain
CN110310118B (en) * 2019-06-28 2023-10-31 百度在线网络技术(北京)有限公司 User information verification method, device, equipment and medium based on block chain
CN110995661B (en) * 2019-11-12 2022-04-01 广州大白互联网科技有限公司 Network card platform
CN110995661A (en) * 2019-11-12 2020-04-10 广州大白互联网科技有限公司 Network card platform
CN111176678A (en) * 2019-12-19 2020-05-19 深圳市航天泰瑞捷电子有限公司 Software controlled automatic updating method and device
US20220124096A1 (en) * 2020-02-17 2022-04-21 Beijing Baidu Netcom Science Technology Co., Ltd. Authorization method and non-transitory computer-readable storage medium
CN111614641A (en) * 2020-05-11 2020-09-01 北京电信易通信息技术股份有限公司 Cloud account management system and application method
CN112243007A (en) * 2020-10-15 2021-01-19 广东科徕尼智能科技有限公司 Single-user login method, equipment and storage medium

Similar Documents

Publication Publication Date Title
CN108259431A (en) The method, apparatus and system of account information are shared between applying more
CN111783067B (en) Automatic login method and device between multiple network stations
US11218481B2 (en) Personal identity system
US9083680B2 (en) Systems, methods, and computer readable media for application-level authentication of messages in a telecommunications network
CN105007280B (en) A kind of application login method and device
CN103023918B (en) The mthods, systems and devices logged in are provided for multiple network services are unified
US6993596B2 (en) System and method for user enrollment in an e-community
US7296290B2 (en) Method and apparatus for handling user identities under single sign-on services
CN101388773B (en) Identity management platform, service server, uniform login system and method
US6237037B1 (en) Method and arrangement relating to communications systems
US20040205243A1 (en) System and a method for managing digital identities
CN104158818B (en) A kind of single-point logging method and system
KR20020022650A (en) A shared registration system for registering domain names related application
KR20050040836A (en) Enhanced privacy protection in identification in a data communications network
US20220321357A1 (en) User credential control system and user credential control method
JP2007219935A (en) Distributed authentication system and distributed authentication method
US11165768B2 (en) Technique for connecting to a service
US10904243B2 (en) Authenticate a first device based on a push message to a second device
CN108076077A (en) A kind of conversation controlling method and device
CN109962892A (en) A kind of authentication method and client, server logging in application
CN106209727A (en) A kind of session access method and apparatus
CN104113511B (en) A kind of method, system and relevant apparatus for accessing IMS network
CN116980163A (en) Data processing method, device, equipment and medium based on trusted execution environment
CN113660284B (en) Distributed authentication method based on bill
KR20070076575A (en) Method for processing user authentication

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
RJ01 Rejection of invention patent application after publication
RJ01 Rejection of invention patent application after publication

Application publication date: 20180706